The FBI is on the hunt for the hacker who stole the account information of 1.2 billion Web site users. Among the compromised are Facebook and Twitter users — and, as suspected, it seems a cybercrime ring of Russian hackers may ultimately be to blame.
When the news of the hack broke in August 2014, security researchers called it “the largest cache of stolen data.” Hold Security first revealed details on the theft of 4.5 billion records, which included the 1.2 billion usernames and passwords that correlate to over half a billion e-mail addresses.
Dubbed “CyberVor” by Hold Security, the group apparently hacked more than 420,000 Web sites to get “such an impressive number of credentials.” Hold Security has become well-known over the past few years for its involvement identifying massive data breaches, including the 2013 Adobe Systems breach and the February 2014 breach of Target stores’ database.
Mr. Grey Rises
The hacker has been linked to the theft through a Russian e-mail address, according to an FBI statement in court documents filed to gain a search warrant in December 2014. Known as “mr.grey,” the FBI worked to identify the bad actor using Hold Security’s data.
Reuters is reporting that a search of Russian hacking forums by the FBI uncovered posts by a “mr.grey,” who in November 2011 wrote that if anyone wanted account information for users of Facebook, Twitter and Russian-based social network VK, he could locate the records.
Neither Facebook nor Twitter was immediately available for comment. The FBI and the U.S. Justice Department were also not immediately available for comment.
The Broader Landscape
We caught up with Cary Gibbs, security analyst for advanced threat detection firm Tripwire, to get his thoughts on the news. He told us this attack demonstrates the lengths cybercriminals will go to exploit the digital fingerprints people leave scattered across the Internet.
“Small pieces of seemingly innocuous information can be connected together to quickly and easily piece together your identity,” Gibbs said. “It’s not uncommon for personal information harvested in this manner to provide more than enough to access bank accounts or even launch extortion attacks, such as those associated with the Ashley Madison case.”
We asked Lloyd Webb, a security analyst at Tripwire, for his thoughts on the broader landscape. He told us the laws of economics apply to hackers.
“In recent years, the black market has been flooded with data for sale so the resale price has dropped dramatically,” Webb said. “Internet criminals are amassing an enormous treasure trove of personal information to ensure they get a good return on their investment.”